package com.shiro.config;

import com.shiro.pojo.UserBean;
import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
 
 
 
/**
 *  CredentialsMatcher
 *  接口由类实现，该类可以确定是否提供了AuthenticationToken凭证与系统中存储的相应帐户的凭证相匹配。
 *  Shiro 加密匹配 重写匹配方法CredentialsMatcher  使用JWTUtil 匹配方式
 */
public class JWTCredentialsMatcher  implements CredentialsMatcher {
 
    private Logger logger = Logger.getLogger(JWTCredentialsMatcher.class);
 
    /**
     * Matcher中直接调用工具包中的verify方法即可
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
        String token = (String) ((JwtToken)authenticationToken).getToken();
        UserBean user = (UserBean)authenticationInfo.getPrincipals().getPrimaryPrincipal();
        //得到DefaultJwtParser
        Boolean verify = JwtUtil.isVerify(token, user);
        logger.info("JWT密码效验结果="+verify);
        return verify;
    }
}